> For stuff like TURN/STUN/... I would suggest to investigate the > possibility of > tokens for user authentication (which cannot be used to log into the XMPP > service). I think I’ve seen such an implementation of a STUN/TURN/XMPP > setup > in the past, but I can’t remember where. >
We're actually implemented user auth via tokens in XMPP. It's a bit clumsy because when a client connects with password we handle him a token and break session, expecting a client to connect with token for normal session, and client can list and revoke token to terminate a session he want's to end. Storing passwords in clients is really bad idea. -- Ненахов Андрей Директор ООО "Редсолюшн" (Челябинск) (351) 750-50-04 http://www.redsolution.ru
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
